GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,479
Maven: 5,000+
npm: 5,000+
NuGet: 886
pip: 4,740
Pub: 13
RubyGems: 1,031
Rust: 1,225
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
382 advisories
The frontend gRPC server's streaming interceptor chain did not include the authorization...
Moderate, Unreviewed. CVE-2026-5724 was published Apr 10, 2026.

Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows unauthenticated...
Moderate, Unreviewed. CVE-2026-5300 was published Apr 8, 2026.

A specific administrative endpoint notifications is accessible without proper authentication.
Moderate, Unreviewed. CVE-2026-28767 was published Apr 3, 2026.

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's...
Moderate, Unreviewed. CVE-2026-29132 was published Apr 2, 2026.

HCL BigFix Platform is affected by insufficient authentication. The application might allow...
Moderate, Unreviewed. CVE-2026-21767 was published Apr 2, 2026.

A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic...
Moderate, Unreviewed. CVE-2025-67805 was published Apr 1, 2026.

OpenViking versions 0.2.5 prior to 0.2.14 contain a missing authentication vulnerability in the...
Moderate, Unreviewed. CVE-2026-34999 was published Apr 1, 2026.

Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without...
Moderate, Unreviewed. CVE-2026-34411 was published Mar 27, 2026.

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may...
Moderate, Unreviewed. CVE-2026-33366 was published Mar 27, 2026.

Missing Authentication for Critical Function vulnerability in Drupal AJAX Dashboard allows...
Moderate, Unreviewed. CVE-2026-3527 was published Mar 26, 2026.

GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 before 18.8.7, 18.9...
Moderate, Unreviewed. CVE-2026-1724 was published Mar 25, 2026.

SHARP routers do not perform authentication for some web APIs. The device information may be...
Moderate, Unreviewed. CVE-2026-32326 was published Mar 25, 2026.

phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows unauthenticated...
Moderate, Unreviewed. CVE-2019-25632 was published Mar 24, 2026.

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows...
Moderate, Unreviewed. CVE-2026-4649 was published Mar 24, 2026.

BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass...
Moderate, Unreviewed. CVE-2025-71257 was published Mar 19, 2026.

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows...
Moderate, Unreviewed. CVE-2026-2491 was published Mar 16, 2026.

Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7...
Moderate, Unreviewed. CVE-2026-20995 was published Mar 16, 2026.

The authentication mechanism for a specific feature in the EasyShare module contains a...
Moderate, Unreviewed. CVE-2025-15515 was published Mar 13, 2026.

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is...
Moderate, Unreviewed. CVE-2026-1920 was published Mar 10, 2026.

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is...
Moderate, Unreviewed. CVE-2026-1919 was published Mar 10, 2026.

Insufficient protection mechanisms in the Health Module may lead to partial information disclosure.
Moderate, Unreviewed. CVE-2025-15567 was published Feb 27, 2026.

A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the...
Moderate, Unreviewed. CVE-2026-3192 was published Feb 25, 2026.

Due to missing authentication, a user with physical access to the device can misuse the mesh...
Moderate, Unreviewed. CVE-2026-27846 was published Feb 25, 2026.

A vulnerability was determined in DataLinkDC dinky up to 1.2.5. This affects the function...
Moderate, Unreviewed. CVE-2026-3053 was published Feb 24, 2026.

The Razorpay for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of...
Moderate, Unreviewed. CVE-2025-14294 was published Feb 19, 2026.
ProTip! Advisories are also available from the GraphQL API.